MyBB Community Forums

MyBB Community Forums > Community > General Discussion > Web Development and Administration > PHP Code Obfuscation
Full Version: PHP Code Obfuscation
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
Pages: 1 2 3

Anman

2010-12-04, 11:15 AM
I got to thinking about how to obfuscate PHP code and ended up with this:

<?php
$code = 'JHggPSAwO3doaWxlICgkeDwxMCl7ZWNobyAkeC4nIGF3ZXNvbWUuPGJyIC8+JzsgJHgrKzt9';
eval(base64_decode($code));

Fairly straight forward but effective. Though you can decode it yourself and format it to read it. Anyone have a better method?

dikidera

2010-12-04, 11:48 AM
Ioncube?

Anman

2010-12-04, 12:10 PM
ioncube costs money. Also I tried using gzcompress() but I ran into some character encoding problems.

dikidera

2010-12-04, 02:18 PM
Sometimes a person needs to spend some money to get the job done

Anman

2010-12-04, 03:35 PM
... I was talking about code methods anyways.

frostschutz

2010-12-04, 04:28 PM
The best method to obfuscate your code is using ROT13 twice for better security.

Anman

2010-12-04, 05:15 PM
I hardly see how ROT13 is any better then converting to base 64... explain?

Tom K.

2010-12-04, 06:13 PM
(2010-12-04, 04:28 PM)frostschutz Wrote: [ -> ]The best method to obfuscate your code is using ROT13 twice for better security.

lol Toungue

Quote:ROT13 is its own inverse; that is, to undo ROT13, the same algorithm is applied, so the same action can be used for encoding and decoding. The algorithm provides no cryptographic security, and is often cited as a canonical example of weak encryption. ROT13 has inspired a variety of letter and word games on-line, and is frequently mentioned in newsgroup conversations.
btw, what is the point in encoding in base 64? Its really simple to decode Toungue

For example yours is:
Quote:$x = 0;while ($x<10){echo $x.' awesome.<br />'; $x++;}
Encryption isnt easy, because for PHP to read it you have to write a plain text script to tell PHP what to do with the files. So the end user can simply look for your decoding methed, and apply it manually to see your code Smile

Anman

2010-12-04, 07:41 PM
ROT13 is just as simple to decode, that's my point.

Diogo Parrinha

2010-12-05, 11:33 PM
(2010-12-04, 07:41 PM)Anman Wrote: [ -> ]ROT13 is just as simple to decode, that's my point.

ROT13 can be decoded by using the inverse. frostschutz said _twice_, so by using it twice, you'll end up with the same code you tried to encode.

The best method is definitely an application which decodes the encoded file. The application must be installed on the server and must not be accessible by the user. In other words, something like ionCube. Everything else can be decrypted by using the key which is stored inside the file, unless you get the key from somewhere else, but that way anyone can get the key as well. So, yes only something like ionCube. Let me know if I'm incorrect.
Pages: 1 2 3
MyBB Community Forums > Community > General Discussion > Web Development and Administration > PHP Code Obfuscation